41 |
Enabling Efficient Passive RFID SystemsThrough Modulation SilencingALMA'AITAH, ABDALLAH 01 May 2013 (has links)
RFID technology has attracted much attention due to its wide range of applications, such as inventory control and object tracking. Passive RFID tags are battery-less, mobile and lack intercommunication. Hence, they require a central node (the reader) to power them up, organize their replies, and read their data. In the last decade, several proposals have targeted the channel efficiency in RFID systems to improve time and power efficiencies. While such proposals achieve significant performance improvements, they are limited by the backscattering half-duplex channel in which the reader has to wait for the tag to finish its reply (even if the reply is corrupt or redundant).
In this thesis, the Modulation Silencing Mechanism (MSM) is proposed as a novel full-duplex-like communication over half-duplex RFID links. With a simple additional circuit at the tag and upgraded software algorithms at the reader, the reader is capable of terminating the tag's non-useful transmissions. Consequently, we propose three schemes that utilize MSM in key application domains where the tag-reader transaction contains a considerable amount of non-useful transmissions. MSM is utilized to enhance tag identification, tag count estimation and tag authentication.
First, we propose a Modulation Silencing Anti-collision (MSA) scheme that targets collision time reduction in time slotted anti-collision protocols. In MSA, the time requirements of state of the art identification protocols are significantly reduced. Moreover, we establish a backward compatibility procedure for proper identification of legacy and MSM-enabled tags. Secondly, a Variance- Modulation Silencing Estimation (VMSE) scheme is proposed to increase tag estimation accuracy and to minimize overall estimation time. Variance-to-mean ratio estimator is proposed to determine the most accurate tag count estimate. VMSE combines both, the accuracy of the variance-to-mean ratio estimator and the time efficiency of MSM and delivers rapid, accurate, and anonymous tag estimation that outperform recent estimation schemes for small and large scale tag deployment. Finally, we propose Unique Hash Sequence Authentication (UHSA) scheme for efficient tag authentication. The UHSA is based on hashed key prefetching algorithm at the reader augmented by the MSM circuitry at the tag. UHSA scheme provides higher time efficiency and robustness against tracking and compromising attacks. / Thesis (Ph.D, Electrical & Computer Engineering) -- Queen's University, 2013-04-30 12:38:44.0
|
42 |
A study of graphical alternatives for user authenticationJali, Mohd Zalisham January 2011 (has links)
Authenticating users by means of passwords is still the dominant form of authentication despite its recognised weaknesses. To solve this, authenticating users with images or pictures (i.e. graphical passwords) is proposed as one possible alternative as it is claimed that pictures are easy to remember, easy to use and has considerable security. Reviewing literature from the last twenty years found that few graphical password schemes have successfully been applied as the primary user authentication mechanism, with many studies reporting that their proposed scheme was better than their predecessors and they normally compared their scheme with the traditional password-based. In addition, opportunities for further research in areas such as image selection, image storage and retrieval, memorability (i.e. the user’s ability to remember passwords), predictability, applicability to multiple platforms, as well as users’ familiarity are still widely possible. Motivated by the above findings and hoping to reduce the aforementioned issues, this thesis reports upon a series of graphical password studies by comparing existing methods, developing a novel alternative scheme, and introducing guidance for users before they start selecting their password. Specifically, two studies comparing graphical password methods were conducted with the specific aims to evaluate users’ familiarity and perception towards graphical methods and to examine the performance of graphical methods in the web environment. To investigate the feasibility of combining two graphical methods, a novel graphical method known as EGAS (Enhanced Graphical Authentication System) was developed and tested in terms of its ease of use, ideal secret combination, ideal login strategies, effect of using smaller tolerances (i.e. areas where the click is still accepted) as well as users’ familiarity. In addition, graphical password guidelines (GPG) were introduced and deployed within the EGAS prototype, in order to evaluate their potential to assist users in creating appropriate password choices. From these studies, the thesis provides an alternative classification for graphical password methods by looking at the users’ tasks when authenticating into the system; namely click-based, choice-based, draw-based and hybrid. Findings from comparative studies revealed that although a number of participants stated that they were aware of the existence of graphical passwords, they actually had little understanding of the methods involved. Moreover, the methods of selecting a series of images (i.e. choice-based) and clicking on the image (i.e. click-based) are actually possible to be used for web-based authentication due to both of them reporting complementary results. With respect to EGAS, the studies have shown that combining two graphical methods is possible and does not introduce negative effects upon the resulting usability. User familiarity with the EGAS software prototype was also improved as they used the software for periods of time, with improvement shown in login time, accuracy and login failures. With the above findings, the research proposes that users’ familiarity is one of the key elements in deploying any graphical method, and appropriate HCI guidelines should be considered and employed during development of the scheme. Additionally, employing the guidelines within the graphical method and not treating them as a separate entity in user authentication is also recommended. Other than that, elements such as reducing predictability, testing with multiple usage scenarios and platforms, as well as flexibility with respect to tolerance should be the focus for future research.
|
43 |
Security of sensor networksTeo, Hong-Siang. 06 1900 (has links)
This thesis discusses the security of sensor networks. First, an overview of the security architectures of two dominant implementations of sensor networks in the market today is presented: the TinyOS stack and the IEEE 802.15.4 stack. Their similarities and differences are explored and their strength and limitations are discussed. Where applicable, comparisons are made with IEEE 802.11 Wireless LAN to highlight improvements and lessons learned. It is pointed out that in general, IEEE 802.15.4 offers better security, but replay protection is effectively missing in today's implementations and access control is poorly implemented. Consequently, TinyOS is still the better option for devices with severe resource constraints. Finally, as a tool to aid in the security analysis of sensor network, the design and implementation of a TinyOS sniffer is presented and captured frames for a simple sensor network application are analyzed for the purpose of validation.
|
44 |
Supporting Password-Security Decisions with DataUr, Blase Eric 01 September 2016 (has links)
Despite decades of research into developing abstract security advice and improving interfaces, users still struggle to make passwords. Users frequently create passwords that are predictable for attackers or make other decisions (e.g., reusing the same password across accounts) that harm their security. In this thesis, I use data-driven methods to better understand how users choose passwords and how attackers guess passwords. I then combine these insights into a better password-strength meter that provides real-time, data-driven feedback about the user’s candidate password. I first quantify the impact on password security and usability of showing users different passwordstrength meters that score passwords using basic heuristics. I find in a 2,931-participant online study that meters that score passwords stringently and present their strength estimates visually lead users to create stronger passwords without significantly impacting password memorability. Second, to better understand how attackers guess passwords, I perform comprehensive experiments on password-cracking approaches. I find that simply running these approaches in their default configuration is insufficient, but considering multiple well-configured approaches in parallel can serve as a proxy for guessing by an expert in password forensics. The third and fourth sections of this thesis delve further into how users choose passwords. Through a series of analyses, I pinpoint ways in which users structure semantically significant content in their passwords. I also examine the relationship between users’ perceptions of password security and passwords’ actual security, finding that while users often correctly judge the security impact of individual password characteristics, wide variance in their understanding of attackers may lead users to judge predictable passwords as sufficiently strong. Finally, I integrate these insights into an open-source password-strength meter that gives users data-driven feedback about their specific password. I evaluate this meter through a ten-participant laboratory study and 4,509-participant online study.
|
45 |
Study of Facebook’s application architectureSundar, Nataraj January 1900 (has links)
Master of Science / Department of Computing and Information Sciences / Xinming (Simon) Ou / Facebook is a social networking service launched in February of 2004, currently having 600 million active users. Users can create a personal profile, add other friends, and exchange messages and notifications when they change their profile. Facebook has the highest usage among all social networks worldwide. It's most valuable asset is access to the personal data of all its users, making the security of such data a primary concern. User's data can be accessed by Facebook and third parties using Applications(Applications are web applications that are loaded in the context of Facebook. Building an application on Facebook will allow integration with many aspects like the user's profile information, news feed, notifications etc). "On profile" advertisement in Facebook is a classic example of how Facebook tailors the advertisements a user can see, based on the information in his profile. Having prioritzed user friendlines and ease of use of the Applications over the security of the user's data, serious questions about privacy are raised.
We provide here an in-depth view of the Facebook's Application Authetication and Authorization architecture. We have included what, in our opinion, are the positives and negetives and suggested improvements. This document takes on the role of the User, the Application and Facebook server at appropriate points.
|
46 |
Distributed and collaborative key agreement protocols with authentication and implementation for dynamic peer groups.January 2003 (has links)
Lee, Pak-Ching. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2003. / Includes bibliographical references (leaves 80-83). / Abstracts in English and Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Related Work --- p.5 / Chapter 3 --- Tree-Based Group Diffie-Hellman --- p.9 / Chapter 4 --- Interval-Based Distributed Rekeying Algorithms --- p.14 / Chapter 4.1 --- Rebuild Algorithm --- p.15 / Chapter 4.2 --- Batch Algorithm --- p.16 / Chapter 4.3 --- Queue-batch Algorithm --- p.19 / Chapter 5 --- Performance Evaluation --- p.22 / Chapter 5.1 --- Mathematical Analysis --- p.22 / Chapter 5.1.1 --- Analysis of the Rebuild Algorithm --- p.24 / Chapter 5.1.2 --- Analysis of the Batch Algorithm --- p.25 / Chapter 5.1.3 --- Analysis of the Queue-batch Algorithm --- p.30 / Chapter 5.2 --- Experiments --- p.31 / Chapter 5.3 --- Discussion of the experimental results --- p.35 / Chapter 6 --- Authenticated Tree-Based Group Diffie-Hellman --- p.43 / Chapter 6.1 --- Description of A-TGDH --- p.44 / Chapter 6.2 --- Security Analysis --- p.47 / Chapter 7 --- Implementation and Applications --- p.50 / Chapter 7.1 --- Leader and Sponsors --- p.51 / Chapter 7.1.1 --- Leader --- p.51 / Chapter 7.1.2 --- Sponsors --- p.53 / Chapter 7.1.3 --- Rekeying Operation --- p.56 / Chapter 7.2 --- System Architecture --- p.57 / Chapter 7.2.1 --- System Preliminaries --- p.57 / Chapter 7.2.2 --- System Components --- p.58 / Chapter 7.2.3 --- Implementation Considerations --- p.64 / Chapter 7.3 --- SGCL API --- p.65 / Chapter 7.4 --- Experiments --- p.67 / Chapter 7.5 --- Applications --- p.72 / Chapter 7.6 --- Future Extensions --- p.75 / Chapter 8 --- Conclusions and Future Directions --- p.76 / Chapter 8.1 --- Conclusions --- p.76 / Chapter 8.2 --- Future Directions --- p.77 / Chapter 8.2.1 --- Construction of a Hybrid Key Tree with the Physical and Logical Properties --- p.77 / Chapter 8.2.2 --- Extended Implementation --- p.79 / Bibliography --- p.80
|
47 |
On the protection of computation results of free-roaming agents against truncation and shred-not attacks. / CUHK electronic theses & dissertations collection / Digital dissertation consortiumJanuary 2002 (has links)
by Cheng Siu Lung. / "August 2002." / Thesis (Ph.D.)--Chinese University of Hong Kong, 2002. / Includes bibliographical references. / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. Ann Arbor, MI : ProQuest Information and Learning Company, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Mode of access: World Wide Web. / Abstracts in English and Chinese.
|
48 |
Requirements for a secure and efficientAuthentication System for a large organizationJuan CarlosCrespo, Juan Carlos January 2010 (has links)
In this thesis, a full review on what are the minimum requirements needed to perform an Authentication System is explained. While building the system we have in consideration the users of it, the security needed for each of the resources that must be accessed by the users and what methods can be applied to access to these resources. In basics, an Authentication System is built when we need to keep track to who is entering on an organization, the bigger the organization is and the more information must be keep safe the more complex the system will be. Although there are other methods, I tried to keep it easy and understandable for all the possible readers. With this, the reader will understand the basics that he need to keep in mind when implementing such a system like this. The organization in mind for the system is a University that consist between twenty two thousand (22.000) and twenty five thousand (25.000) users.
|
49 |
Credit-Based User Authentication for Delay Tolerant Mobile Wireless NetworksAlmotairi, Khaled Hatem January 2007 (has links)
Wireless Internet has become increasingly popular due to anywhere anytime access feature. The Internet architecture was designed underlying the existing of the end-to-end path connection. The promise of wireless Internet networks is to provide roaming users connectivity anywhere anytime. However, quality of service (QoS) is still an open issue in wireless networks, which are characterized by possible intermittent connectivity and large transmission delays, due to user mobility, sparse mobile node distribution, link failures (because of hostile propagation medium), and/or other high-priority traffc.
In this thesis, a credit-based user authentication scheme is proposed for delay tolerant mobile wireless networks. The proposed authentication scheme isolates the uncertain network condition in the high delay wireless backhaul with high error rate, and accelerates the overall authentication process when the mobile terminal roams in the visited network. Furthermore, an analytical study of overall network performance is presented for the authentication scheme in terms of authentication cost and delay. Simulation results demonstrate that the proposed credit-based authentication scheme reduces the overall real time transaction cost and delay for delay tolerant mobile wireless networks.
|
50 |
Establishing Confidence Level Measurements for Remote User Authentication in Privacy-Critical SystemsRobertson, Matthew January 2009 (has links)
User Authentication is the process of establishing confidence in the User identities presented to an information system. This thesis establishes a method of assigning a confidence level to the output of a user authentication process based on what attacks and threats it is vulnerable to. Additionally, this thesis describes the results of an analysis where the method was performed on several different authentication systems and the confidence level in the authentication process of these systems determined. Final conclusions found that most systems lack confidence in their ability to authenticate users as the systems were unable to operate in the face of compromised authenticating information. Final recommendations were to improve on this inadequacy, and thus improve the confidence in the output of the authentication process, through the verification of both static and dynamic attributes of authenticating information. A system that operates confidently in the face of compromised authenticating information that utilizes voice verification is described demonstrating the ability of an authentication system to have complete confidence in its ability to authenticate a user through submitted data.
|
Page generated in 0.1605 seconds